ACE A2(2.3) and Set-Cookie header rewrite not working

kkataja · ‎11-10-2010

Hello,

I am trying to append "; secure; HttpOnly" string to Set-Cookie headers.

I can append to Server header but Set-Cookie is not modified by ACE!

action-list type modify http set-cookie-security
header rewrite response Set-Cookie header-value "(.*)" replace "%1; secure; HttpOnly"
header rewrite response Server header-value "(.*)" replace "%1; FD Core"

I am also using cookie sticky:

sticky http-cookie SERVER10 help.opsett.invalid-443
cookie insert browser-expire
serverfarm help.oppsett.invalid-443

The Server header modification is not needed, but here so I am convinced I have the right syntax.

Is rewriting Set-Cookie responses possible?

--

Kai

Gilles Dufour · ‎11-10-2010

You can't modify the set-cookie inserted by the ACE itself if that's what you're trying to do.

Gilles.

kkataja · ‎11-10-2010

No, it is not needed to modify ACE generated cookie.

Unfortunately the code shown does not modify server generated Set-Cookie headers either (action 1).

It modifies the server generated Server -header (action 2).

Kai

litrenta · ‎11-10-2010

I set this up in the lab and it works, there would be 2 Set-Cookie headers in the response one for the ace inserted cookie and the second for the server cookie. the server cookie is rewritten.

Is the server doing the set-cookie in the response to the first request of the tcp connection or in response to a subsequent request ? if it is in a response to a request other than the first request then you would need a parameter map (http) configured with "header modify per-request"

packet capture would be useful if not https.